access controll

1Privilgeges
 1) Database security:
  --System security
  --Data security
 2)System privileges:Caining access to the database
 3)Object privileges:manipulationg thee content of the database objects
 4)Schemas:Collections of objects ,such as tables,views,and sequences
2System Privileges
  . More than 100 privileges are available;
  . The database administrator has high-levle system privileges for tasks such as:
    creating new user,removing user,removing tables,backing up tables
3 Creating user
 the dba creates users by using the create user statement
 create user user
 identified by password;
 e.g create user object scott
     identified by tiger;

 SQL> create user testuser
  2  identified by test;

User created

SQL> conn testuser/test@orcl2000
Not logged on

SQL> grant access session to testuser;

grant access session to testuser

Not logged on

SQL> conn digit_cc/digit_cc@orcl2000
Connected to Oracle9i Enterprise Edition Release 9.2.0.1.0
Connected as digit_cc

SQL> grant create session to testuser;

Grant succeeded

SQL> conn testuser/test@orcl2000;
Connected to Oracle9i Enterprise Edition Release 9.2.0.1.0
Connected as testuser
4 user System privileges
 once a user is created,the dba can grant specific system privileges to a user
 grant privilege[,privilege...]
 to user [,user|role,public...];

 DBA can grant a user specific system privileges
 grant create session,create table,create sequence,create view  to scott;
5 creating and granting privileges to role
' Create a role
  create role manager;
 .grant privileges to a role
  grant create table,create view to manager
 .Grant a role to user
  grant manager to kochar;
 
SQL> create role testrole;

Role created

SQL> grant create table,create view,create sequence to testrole;

Grant succeeded

SQL> grant testrole to testuser;
6 change your password
 you can change your password by using the alter user statement;
 alter user scott
 indetified by lion;
7 object privileges
 object privileges vary from object to object
 an owner has all the privilege to the object
 an owner can give specific privilege on that owner object
  grant select on auther to testuser;
  grant select on outher to testuser with grant option -- testuser also can grant it to

other user;
  grant update(department_name,location_id)
  on departments
  to scott,manager;
8 how to revoke object privileges
 --you use the revoke statement to revoke privileges granted to other users
 --privileges granted to other users through the with grant option clause are also revoked.
  revoke privilege {[,privilege...]|all} on object
  from {user[,user....]|role|public}
  [cascade constraints]
  revoke select on author from user;
9 Database Links
 Database link allow user to access data in the remote database;
SQL> create database link kjw1
  2  connect to digit_cc identified by digit_cc
  3  using 'orcl2000';

Database link created

SQL> select * from digit_cc.table_action@kjw1;

posted on 2006-09-29 15:40 康文 阅读(231) 评论(0)  编辑  收藏 所属分类: 数据库


只有注册用户登录后才能发表评论。


网站导航:
 
<2006年9月>
272829303112
3456789
10111213141516
17181920212223
24252627282930
1234567

导航

统计

常用链接

留言簿(1)

随笔分类

随笔档案

文章档案

搜索

最新评论

阅读排行榜

评论排行榜